Debian Bug report logs - #580941
Improved iptables-apply v.1.1: run command (-c), write successful rules (-w) and code cleanup

version graph

Package: iptables; Maintainer for iptables is Laurence J. Lane <ljlane@debian.org>; Source for iptables is src:iptables.

Reported by: GW <gwSPAM.debian@tnode.com>

Date: Mon, 10 May 2010 00:33:01 UTC

Severity: wishlist

Tags: patch, upstream

Found in version iptables/1.4.6-2

Fixed in version iptables/1.4.21-1

Done: ljlane@debian.org (Laurence J. Lane)

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, gwSPAM.debian@tnode.com, madduck@debian.org, ljlane@debian.org (Laurence J. Lane):
Bug#580941; Package iptables. (Mon, 10 May 2010 00:33:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to GW <gwSPAM.debian@tnode.com>:
New Bug report received and forwarded. Copy sent to gwSPAM.debian@tnode.com, madduck@debian.org, ljlane@debian.org (Laurence J. Lane). (Mon, 10 May 2010 00:33:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: GW <gwSPAM.debian@tnode.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Improved iptables-apply v.1.1: run command (-c), write successful rules (-w) and code cleanup
Date: Mon, 10 May 2010 02:27:59 +0200
[Message part 1 (text/plain, inline)]
Package: iptables
Version: 1.4.6-2
Severity: wishlist
Tags: sid lenny patch upstream squeeze experimental

Hey,

I have written two new enhancements for iptables-apply, fixed some bugs
and also done some code cleaning. The attached large patch is against the
latest iptables upstream release 1.4.7 (the code for iptables-apply also hasn't
changed for quite a while) and because it is so large I increased the version
to 1.1.

New usage (compatible with the old one):
  iptables-apply [-hV] [-t timeout] [-w savefile] {[rulesfile]|-c [runcmd]}

New options:
-w savefile, --write savefile
  Specify the savefile where successfully applied rules will be written to
  (default if empty string is given: /etc/network/iptables.up.rules).
-c runcmd, --command runcmd
  Run command runcmd to configure iptables instead of applying a rulesfile
  (default: /etc/network/iptables.up.run).

I hope it is understandable. For questions look into the new man page
(or run new 'iptables-apply -h') or just ask.

This two options allow you to implement a store last good configuration
mechanism (in case your custom iptables setup script sometimes breaks),
just by using it like:
  iptables-apply -w /etc/network/iptables.up.rules -c
/etc/network/iptables.up.run

This is also extremely useful in combination with a if-pre-up script (will send
bug
report soon) and allows you to modify your iptables setup script and be sure
that only the last working iptables rules will get restored after reboot.



-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'testing-proposed-updates'), (600,
'unstable'), (500, 'lenny'), (500, 'karmic'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-3-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages iptables depends on:
ii  libc6                         2.10.2-6   Embedded GNU C Library: Shared lib

iptables recommends no packages.

iptables suggests no packages.
[iptables-apply-runcmd-and-savefile-and-code-cleanup.patch (text/x-diff, attachment)]
[iptables-apply (text/x-shellscript, attachment)]
[iptables-apply.8 (text/troff, attachment)]

Added tag(s) wheezy. Request was from Kurt Roeckx <kurt@roeckx.be> to control@bugs.debian.org. (Wed, 16 Feb 2011 19:04:08 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Laurence J. Lane <ljlane@debian.org>:
Bug#580941; Package iptables. (Thu, 30 Jun 2011 11:57:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to martin f krafft <madduck@debian.org>:
Extra info received and forwarded to list. Copy sent to Laurence J. Lane <ljlane@debian.org>. (Thu, 30 Jun 2011 11:57:11 GMT) Full text and rfc822 format available.

Message #12 received at 580941@bugs.debian.org (full text, mbox):

From: martin f krafft <madduck@debian.org>
Cc: 580941@bugs.debian.org
Subject: Re: Bug#580941: Improved iptables-apply v.1.1: run command (-c), write successful rules (-w) and code cleanup
Date: Thu, 30 Jun 2011 13:55:19 +0200
[Message part 1 (text/plain, inline)]
also sprach GW <gwSPAM.debian@tnode.com> [2010.05.10.0227 +0200]:
> I have written two new enhancements for iptables-apply, fixed some bugs
> and also done some code cleaning. The attached large patch is against the
> latest iptables upstream release 1.4.7 (the code for iptables-apply also hasn't
> changed for quite a while) and because it is so large I increased the version
> to 1.1.

Please split the patch into multiple ones to keep features and
cleanup separate.

> New options:
> -w savefile, --write savefile
>   Specify the savefile where successfully applied rules will be written to
>   (default if empty string is given: /etc/network/iptables.up.rules).

The default should probably be in /var, e.g. /var/cache or
/var/spool

> -c runcmd, --command runcmd
>   Run command runcmd to configure iptables instead of applying a rulesfile
>   (default: /etc/network/iptables.up.run).

Ok.

-- 
 .''`.   martin f. krafft <madduck@d.o>      Related projects:
: :'  :  proud Debian developer               http://debiansystem.info
`. `'`   http://people.debian.org/~madduck    http://vcs-pkg.org
  `-  Debian - when you have better things to do than fixing systems
 
"women who want to be equal to men lack ambition."
                                                      -- timothy leary
[digital_signature_gpg.asc (application/pgp-signature, inline)]

Added tag(s) jessie. Request was from Julien Cristau <jcristau@debian.org> to control@bugs.debian.org. (Thu, 18 Apr 2013 17:40:13 GMT) Full text and rfc822 format available.

Added tag(s) pending. Request was from "Laurence J. Lane" <ljlane@debian.org> to control@bugs.debian.org. (Tue, 03 Sep 2013 14:09:05 GMT) Full text and rfc822 format available.

Reply sent to ljlane@debian.org (Laurence J. Lane):
You have taken responsibility. (Tue, 17 Dec 2013 00:21:09 GMT) Full text and rfc822 format available.

Notification sent to GW <gwSPAM.debian@tnode.com>:
Bug acknowledged by developer. (Tue, 17 Dec 2013 00:21:09 GMT) Full text and rfc822 format available.

Message #21 received at 580941-close@bugs.debian.org (full text, mbox):

From: ljlane@debian.org (Laurence J. Lane)
To: 580941-close@bugs.debian.org
Subject: Bug#580941: fixed in iptables 1.4.21-1
Date: Tue, 17 Dec 2013 00:19:13 +0000
Source: iptables
Source-Version: 1.4.21-1

We believe that the bug you reported is fixed in the latest version of
iptables, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 580941@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laurence J. Lane <ljlane@debian.org> (supplier of updated iptables package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 01 Dec 2013 19:48:23 -0500
Source: iptables
Binary: iptables libxtables10 iptables-dev
Architecture: source amd64
Version: 1.4.21-1
Distribution: unstable
Urgency: low
Maintainer: Laurence J. Lane <ljlane@debian.org>
Changed-By: Laurence J. Lane <ljlane@debian.org>
Description: 
 iptables   - administration tools for packet filtering and NAT
 iptables-dev - iptables development files
 libxtables10 - netfilter xtables library
Closes: 567564 580941 644819 654983 660748 668582 698393 699537 699904
Changes: 
 iptables (1.4.21-1) unstable; urgency=low
 .
   * New upstream release
     + Corrected spurious load_extension errors. Closes: #699537
     + Corrected man page icmp defaults. Closes: #644819
     + Corrected state man page. Closes: #654983
     + Corrected address in hashlimit man page. Closes: #698393
     + Removed syslogd man page references. Closes: #567564
     + Added string match man page hex examples. Closes: #699904
     + Merged 0201-iptables-xml_man_section.patch
     + Merged 0303-extension_cppflags.patch
     + Merged 0401-state-match-display.patch
   * Updated iptables-apply to v1.1. Closes: #580941
   * Use mktemp instead of tmpfile for iptables-apply. Closes: #668582
   * Add iptables-apply info to man pages. Closes: #660748
   * Updated debian/copyright
   * Updated debian/control Description
   * Removed debian/builddir hack and other debian/rules cruft
   * Removed debug info from README.Debian
Checksums-Sha1: 
 b58fb9867aae99dbf3c8ae587c061706f2d8dcd2 1290 iptables_1.4.21-1.dsc
 85d4160537546a23a7e42bc26dd7ee62a0ede4c8 547439 iptables_1.4.21.orig.tar.bz2
 554e80d83f5a036e71650da308271d64a95efb90 60630 iptables_1.4.21-1.debian.tar.gz
 463cf91ab7684f34b05598fe9976e46f1ad760aa 274860 iptables_1.4.21-1_amd64.deb
 547da4a19c96f7d051bd736fc8daa7e3bd4168e0 66688 libxtables10_1.4.21-1_amd64.deb
 c6089ee3ab25e6a3661b62fd9c88c4411cf3a970 69508 iptables-dev_1.4.21-1_amd64.deb
Checksums-Sha256: 
 7a9b3226bec3a991a82cb9606781dba83744826793d73ace1a19584f9c6d6a41 1290 iptables_1.4.21-1.dsc
 52004c68021da9a599feed27f65defcfb22128f7da2c0531c0f75de0f479d3e0 547439 iptables_1.4.21.orig.tar.bz2
 bb65bd7cc4ee0c450152f7561ee0570c20ea0211f1d6708e15c3718f8b89bfb8 60630 iptables_1.4.21-1.debian.tar.gz
 be8332b4a20d8460c4065d50ae6d8343af1fdc843d23dfc987a13740cf3baacd 274860 iptables_1.4.21-1_amd64.deb
 d07c41dee4414fdfad69489d7aba7dd2afce126fceb615ce3817c2743bc7aaf5 66688 libxtables10_1.4.21-1_amd64.deb
 db858b81f6d945249ca121ea32d6bed7654b3a18219da0e61bad652f46d24d38 69508 iptables-dev_1.4.21-1_amd64.deb
Files: 
 9e52f00725384085c1dd3b6cf4a1f022 1290 net important iptables_1.4.21-1.dsc
 536d048c8e8eeebcd9757d0863ebb0c0 547439 net important iptables_1.4.21.orig.tar.bz2
 d03bf033d0a15b8e888a1ba0f49318cd 60630 net important iptables_1.4.21-1.debian.tar.gz
 a80cf9c805593377b54287ad5bd542c5 274860 net important iptables_1.4.21-1_amd64.deb
 b12dc0292fa369d3d69aa5ebba42e5d3 66688 net important libxtables10_1.4.21-1_amd64.deb
 14b2de1fc6d6438b9a65af0346f168c3 69508 devel optional iptables-dev_1.4.21-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iEYEARECAAYFAlKvlWoACgkQxJBkNlXToek2EACdHPdZoJu5BiXgyVzSJ4qSMNFn
GywAnjWARtsOaHA0JJaOVDfueCVgy8ca
=xqUQ
-----END PGP SIGNATURE-----




Removed tag(s) sid, squeeze, wheezy, experimental, jessie, and lenny. Request was from Andreas Beckmann <anbe@debian.org> to control@bugs.debian.org. (Tue, 17 Dec 2013 20:12:16 GMT) Full text and rfc822 format available.

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 24 Jan 2014 07:30:03 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 18 11:39:55 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.